Microsoft reveals its “1-million’ bug finder

Source:cio.com

A bug detector for cloud named Project Springfield owned by Microsoft is undergoing previewing which according to the company is its most complicated tool for detecting vulnerabilities in security.

The project makes use of “whitebox fuzzing,” that was behind the uncovering of 1/3 of “one-million-dollar” bugs for security at the time that Windows 7 was being developed. The company has a making use of what they call SAGE which is a part of the project since the middle of 2000s to carry out tests on products before they are released. This includes a fusion of both Office and Windows applications.

SAGE is therefore faced with other tools when carrying out this project that includes interfaces and dashboard that will allow people to make use of it without needing to have security background. This test is already being making use of Azure cloud.

With this kind of testing, random inputs are thrown at different software so as to find out if any of such action could cause crashing of the software. David Molnar, Microsoft researcher stated the test became necessary for software that is always inputting such things as videos, images, documents, as well as other information on a regular basis that cannot be trusted.

It is a known fact that cloud systems are always targeted for malicious attacks so that their system will crash. With Whitebox fuzzing, a lot of questions such as “what if” kind of questions will be tested making use of artificial intelligence to have an idea of what could cause a security concern or crash.

Project Springfield was first of all used on the web page of defunt mashup creation service and Popfly by Microsoft. There is, however, no relationship between these two projects the company says.

During the preview, Microsoft will invite customers to observe project Springfield and make the observations and input.